Mozilla says the software is "temporarily removed" which suggests the flaw is reasonably serious. In a blog post, Mozilla explains:

"The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters... At this time we have no indication that this vulnerability is currently being exploited in the wild."

An updated version of the software should be available by tomorrow, but in the meantime Mozilla suggests that users may want to considered downgrading "as a precaution". [Mozilla via Ars Technica]